things you haven t done to protect your business from cybercrime

Transcription

1 5 things you haven t done to protect your business from cybercrime

2 5 things you can do to protect your business from cybercrime

3 27,000,000,000

4 27billion is a big number and is what the UK government estimates as the annual cost of cybercrime to individuals and businesses 1. The global cost is estimated at $300billion to $1trillion 2. Global revenues from cybercrime in 2011 were estimated at $12.5Billion dollars 3. The point is cybercrime is a big business and a big problem. Hackers are well funded and well organised. What started 40 years ago as a means for nerds to gain kudos from one another is now a big business with the mafia professionalising what was a previously disorganised group. With so much to gain, if you re a hacker working in a billion dollar business, you re going to make sure you reach your victims, so you test your malware against common security products to make sure it will get through. That s why Anti Virus software and firewalls alone will not make you invulnerable. So let us to show you the 5 things, easiest first, you can do to better protect you business. 1. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60943/the-cost-of-cyber-crime-full-report.pdf

5 1 Train your staff

6 The best means of attack is through social engineering and hackers look to trick us to download their code. Your staff need to understand the risks they face so they take the threat seriously. They need to know how they can be attacked so they can spot attempted attacks and know how to deal with them. To help you do this, you can download our free cyber crime training pack based on our own in-house security induction training you can use to bring you and your staff up-to-speed. DOWNLOAD YOUR FREE TRAINING PACK

8 Mrs Sugden knew a thing or two about the power of changing hair colour. But she may not have realised its part in cyber-security. A strong password should have a minimum password length of 12 to 14 characters, include lowercase and uppercase alphabetic characters, numbers and symbols and be randomly generated. However, this makes for a password that is very difficult to remember. As an alternative, passphrases or passphrase derived passwords are easy to remember, whilst remaining difficult to crack. The phrase My grandmother Ethel paid 39 for a blue rinse Becomes the passphrase MygrandmotherEthelpaid 39forabluerinse or if this is too long, the password MgEp 39fabr using the first letters of each word. When you need to change the password, change a word in the passphrase: My grandmother Ethel paid 39 for a pink rinse My uncle Bert paid 39 for a blue rinse My grandmother Ethel paid 32 for a blue rinse The more interesting you make the phrase, the easier it is to remember.

9 3 Ditch Windows XP

10 It s been around for more than a decade but with Microsoft stopping the release of security patches for Windows XP back in April 2014, now really is the time to ditch Windows XP for good and move on to something that is more secure and supported. The 16% desktop Operating System market share that XP still holds is going to attract criminals like moths to a flame so expect an increase in the number of Windows XP exploits that are found from which you won t be protected. If you really can t get rid of it, block off any computers using Windows XP from the internet with your firewall. Click to Talk We re here to help

11 4 Block outbound traffic on your firewall

12 You ve already got a firewall to protect your network from incoming traffic (haven t you?). To reduce the chances of data leaking from your network in the event it is compromised, allow outbound internet access on known safe ports only. This is because malware often communicates to command and control servers on non-standard ports. Blocking these can help limit the damage if you are compromised. Click to download our list of recommended outbound ports cheat sheet below. DOWNLOAD OUR PORT CHEAT SHEET

13 5 Regularly patch your systems

14 Hackers look for vulnerabilities in commonly used software. The most obvious of these is the operating system, with Windows being the prime target because of it s huge installed base. But other widely used software such as Adobe Reader, Adobe Flash, Java, Firefox and Chrome are also targets. You should make it a priority to regularly update your software on your computers. Turn on automatic updates and encourage your staff to keep these turned on and check that machines are up-to-date. Ideally this should be automated. Unfortunately there is a small risk that patching can make previously working systems stop working - for this you need to remove problem patches. Stellarise can automate patching across your computers so it is scheduled to happen at the least disruptive time, monitored so you know it has happened and you can stay compliant, filtered to remove patches you don t want and includes 3rd party support for common problem applications. Click to Talk We re here to help

15 6 Talk to us

16 Rate this content and help Stellarise improve. We want to create great content for you (not for us), so we d like to hear what you thought of this guide Just click on the image to let us know how you re feeling and give us your feedback in a matter of seconds.

17 Like what you read? Then share with your friends.

18 Stellarise are a complete outsourced IT team for growing businesses that want to maximise the way their IT supports them. Of course we keep your network, servers and systems humming sweetly, but what gets us really excited is helping our clients work productively wherever they are. Or delivering realtime sales performance data to the CEO s iphone. Or allowing customers to book appointments online by opening up existing systems. Click to Talk We re here to help support disaster recovery custom development custom hosting

How to prevent computer viruses in 10 steps Following on from our advice on how to keep your online data secure, we ve created a follow-up outlining how you can keep your computer itself safe. Not only

The 7 Most Cricitcal I.T. Security Protections Every Business Must Have in Place Now to Protect Themselves from Cybercrime, Data Breaches, and Hacker Attacks Cybercrime is at an all-time high, and hackers

The hidden risks of mobile applications This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. To learn more about TraceSecurity visit www.tracesecurity.com

A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose

HoneyBOT User Guide A Windows based honeypot solution Visit our website at http://www.atomicsoftwaresolutions.com/ Table of Contents What is a Honeypot?...2 How HoneyBOT Works...2 Secure the HoneyBOT Computer...3

SMALL BUSINESSES WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY ONE CLICK CAN CHANGE EVERYTHING SMALL BUSINESSES My reputation was ruined by malicious emails ONE CLICK CAN CHANGE EVERYTHING Cybercrime comes

2016 Trends in Cybersecurity: A Quick Guide to the Most Important Insights in Security For 10 years, Microsoft has been studying and analyzing the threat landscape of exploits, vulnerabilities, and malware.

It s 2 o clock: Who Has Your Data? Josh Krueger Chief Technology Officer Integrity Technology Solutions Your home is your business and your farm is your network. But who has access to it? Can you protect

The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As

YOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next Your Data Under Siege: Guard the Gaps with Patch Management 1.0

Welcome To The L.R.F.H.S. Computer Group Wednesday 27 th November 2013 BACKUP SECURITY AND THE CLOUD BACK UP ALWAYS BACK UP TO AN EXTERNAL DEVICE OR REMOVAL MEDIA- NEVER DIRECTLY ON TO YOUR COMPUTER IF

SOFTWARE UPDATER A unique tool to protect your business against known threats OVERVIEW This document explains the functionality of Software Updater. What it is, what it does, how it works, what gets patched

NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the

How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Streamlining Web and Email Security sponsored by Introduction to Realtime Publishers by Don Jones, Series Editor

AARP can help you Spot & Report Fraud Fraud Fighter Call Center: Talk to a volunteer trained in how to spot and report fraud. Call the Fraud Fighter Call Center at (877) 908-3360 Fraud Watch Campaign What

Cyber Crime: You Are the Target When talking about computer crime, we often hear the observation from computer users that they aren t rich and therefore what they have isn t worth much to a cyber criminal.

Small businesses: What you need to know about cyber security March 2015 Contents page What you need to know about cyber security... 3 Why you need to know about cyber security... 4 Getting the basics right...

What you need to know to keep information safe and secure Introduction Welcome to Boston University s Security Awareness training. Depending on your reading speed, this presentation will take approximately

BSHSI Security Awareness Training Originally developed by the Greater New York Hospital Association Edited by the BSHSI Education Team Modified by HSO Security 7/1/2008 1 What is Security? A requirement

What you need to know to keep your computer safe on the Internet Tip 1: Always install Operating System updates The most important steps for any computer user is to always install updates, especially security

aaa BUSINESS SECURITY SECURITY FOR LIFE CHAPTER 1: WHY COMPUTER SECURITY IS IMPORTANT FOR YOUR BUSINESS No matter how big or small your business is, it s highly likely that you have some information stored

1 How to complete the Secure Internet Site Declaration (SISD) form The following instructions are designed to assist you in completing the SISD form that forms part of your Merchant application. Once completed,

The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As

Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

Basic Security Tips Bookmarks for Desktop Self-Defense Get Safe Online http://www.getsafeonline.org/ Get Safe Online will help you protect yourself against Internet threats. The site is sponsored by government

Security & SMEs An Introduction by Jan Gessin Introduction to the problem SMEs convinced it will never happen to them. In many ways SMEs are more of a target than big business. Harsh realities of the online

Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology

Account Security One of the easiest ways to lose control of private information is to use poor safeguards on internet accounts like web-based email, online banking and social media (Facebook, Twitter).

HOW TO PROTECT YOUR DATA INTRODUCTION Every day in the news, we hear about data breaches. Are you concerned your sensitive business, customer and supplier data is not protected? Do you have a secret sauce

Online Valuation Portal User Guide Online User Guide Logging in for the first time This guide is designed to help explain how to login in to our updated Online Client Portal. If you are unable to login

The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As

Recommended Practice Case Study: Cross-Site Scripting February 2007 iii ACKNOWLEDGEMENT This document was developed for the U.S. Department of Homeland Security to provide guidance for control system cyber

SecureIT Plus PC Security To learn more about Security Coverage s suite of security features, select from the Quick Links that follow. This document can also be printed, or saved to your desktop and used

By James Thomas DTEC 6823 Summer 2004 What is a firewall? Firewalls for small business A firewall is either hardware, software or a combination of both that is used to prevent, block or should I say try

DTR Business Systems, Inc. Rene Beltran Established 1983 Provide on premise and off premise server based technology for Small Business users. Provide hardware, network and operating systems support for

Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or

SURVEY REPORT: cyber security Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions Confidence in a connected world. Executive summary An online survey revealed that while U.S.

Step-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses 2004 Microsoft Corporation. All rights reserved. This document is for informational purposes only.

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS ftrsecure.com Can You Separate Myths From Facts? Many Internet myths still persist that could leave you vulnerable to internet crimes. Check out

Cyber Security Personal and commercial information is the new commodity of choice for the virtual thief, argues Adrian Leppard, Commissioner for City of London Police, as he sets out the challenges facing

Greenspring Computer Club April 2015 No matter how savvy you are, there are certain things every one of us has to deal with when using a computer and we don t always deal with them in the most efficient

IT & DATA SECURITY BREACH PREVENTION A PRACTICAL GUIDE Part I: Reducing Employee and Application Risks As corporate networks increase in complexity, keeping them secure is more challenging. With employees

White Paper Spear Phishing Attacks Why They are Successful and How to Stop Them Combating the Attack of Choice for Cybercriminals White Paper Contents Executive Summary 3 Introduction: The Rise of Spear

SPEAR PHISHING UNDERSTANDING THE THREAT SEPTEMBER 2013 Due to an organisation s reliance on email and internet connectivity, there is no guaranteed way to stop a determined intruder from accessing a business

Securing Industrial Control Systems in the Chemical Sector Roadmap Awareness Initiative Making the Business Case Developed by the Chemical Sector Coordinating Council in partnership with The U.S. Department

You wouldn t leave the door to your premises open at night. So why risk doing the same with your network? Most businesses know the importance of installing antivirus products on their PCs to securely protect

5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS 1 Introduction As small and mid-sized companies rely more heavily on their computer networks to

CYBERSECURITY: Is Your Business Ready? Cybersecurity: Is your business ready? Cyber risk is just like any other corporate risk and it must be managed from the top. An organization will spend time monitoring

Did you know your security solution can help with PCI compliance too? High-profile data losses have led to increasingly complex and evolving regulations. Any organization or retailer that accepts payment

CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to

ONLINE RECONNAISSANCE HOW YOUR INTERNET PROFILE CAN BE USED AGAINST YOU May 2013 Most people and organisations put information about themselves on the web. Companies advertise their work and achievements

How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Securing Endpoints without a Security Expert sponsored by Introduction to Realtime Publishers by Don Jones, Series

All-in-one coverage for your business PROTECTION SERVICE FOR BUSINESS IT security is a must IT security is fundamental for any business. The consequences of a malware attack or security breach can be staggering.

CHOOSING THE RIGHT PORTABLE SECURITY DEVICE A guideline to help your organization chose the Best Secure USB device Introduction USB devices are widely used and convenient because of their small size, huge

Lab Exercises Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Review Questions 1) In class, we made the distinction between a front-door attack and